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Description 

The present invention relates to a multimedia net- 
work system for transmitting real-time communication 
type information such as television video signals, and 5 
storage type information such as computer files using 
at least one transmission path. 

In recent years, optical fiber networks have been 
set up in trunk communication networks, satellite com- 
munications have been put into practical applications, 
and local area networks (LANs) have increasingly been 
widespread. In order to prevent a communication con- 
tent from being leaked to a third party other than a party 
concerned in communications, it is important to consti- 
tute a network system which can attain an encryption/ 
privacy function. 

So-called information service industries that charge 
depending upon contents and amounts of information 
services via such a communication network are growing 
larger. For this reason, It is also important to simultane- 
ously record and acquire charge information for infor- 
mation services in addition to the encryption/privacy 
function. 

As a conventional information encryption/privacy 
function system, secret-key cryptosystem and public- 
key cryptosystem are known. 

For further details of these systems, see D.W. Dav- 
is, W.L Pric, "Network Security", edited and translated 
by Tadahiro Uezono and published by Nikkei McGraw- 
Hill Co. (1986). 

These systems will be briefly described below (for 
further details, see the above reference). 

In the secret-key cryptosystem, transmission and 
reception terminals share an encryption/decryption key, 
so that information is encrypted/transmitted and de- 
crypted using this key. 

As an encryption system of this type, a large 
number of systems, e.g., a simple sum encryption/per- 
mutation encryption system, an encryption system 
called "DES' (data encryption standard) which Is stand- 
ardized by U.S. Department of Commerce (National Bu- 
reau of Standard), and the like are known. 

In the secret-key system, an encryption/decryption 
key must be determined in advance between transmis- 
sion and reception terminals, and must be kept secret 
from a third party. If a third party knows this key he or 
she can easily decrypt encrypted information. 

In contrast to this, in the public-key cryptosystem, 
a pair of different encryption and decryption keys are 
used, and an encryption key is disclosed to all the ter- 
minals. 

Each temninal has its own encryption key A trans- 
mission terminal selects a key of a destination terminal 
from the disclosed encryption keys of the respective ter- 
minals, and encrypts and transmits information using 
the selected key On the other hand, a reception terminal 
decrypts the received information using a decryption 
key paired with the selected key 
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In this system, since a pair of keys with which a de- 
cryption key is difficult to determine from an encryption 
key are used, even when the encryption key is dis- 
closed, a third party substantially cannot decrypt en- 
crypted information. 

Since a secret-key need not be determined in ad- 
vance between transmission and reception terminals, a 
key will not be known by a third party when a key is de- 
termined in advance between transmission and recep- 
tion terminals. 

However, the above prior art systems suffer from 
the following drawbacks. 

In the secret-key cryptosystem, 

(1) an encryption/decryption key must be deter- 
mined in advance between transmission and recep- 
tion terminals, and a key may be known to a third 
party during a communication for determining the 
encryption/decryption key; 

(2) even when the same key is repetitively used to 
avoid such undesirable disclosure of the key a third 
party may find out the key upon comparison of a 
plurality of pieces of information encrypted by the 
same key; and 

(3) if complex encryption such as the DES is per- 
formed, the above-mentioned possibility can be re- 
duced. However, it is difficult to encrypt data having 
a large data transfer volume per unit time such as 
a digital video signal. 

In the public-key cryptosystem, 
(4) it is generally difficult to perform high-speed 
encryption/decryption processing. 

Since the two encryption systems suffer from the 
above-mentioned drawbacks (1 ) to (4), it is convention- 
ally difficult to safely encrypt real-time communication 
type information such as a video signal which must be 
transmitted at high speed. 

A still further prior art arrangement is known from 
the publication "Conditional Access Broadcasting: Dat- 
acare 2: An Over-Air Enabled System For General Pur- 
pose Data Channels" by D.T Wright published in BBC 
Research Department Report, August 1 988, Tadworth, 
Surrey UK, p. 1 - 18. Disclosed therein is a method for 
enciphering and scrambling of data to be transferred 
from a transmission point to a plurality of receiving 
points as, for example, in a broadcasting system. This 
method provides a multi-level key encryption system, in 
which lower level keys are sent to a decoder (receiving 
point) by enciphering them with a higher level key The 
highest level key is pemrianent for the decoder lifetime 
and the lowest level key is changed in regular intervals 
as often as possible. Moreover, this system provides a 
specific data format containing different address blocks 
and corresponding key types to address messages to 
all users, to a group of users or to an individual user of 
the system and to encipher message and control blocks, 
respectively, addressed to the corresponding user cat- 
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egory. 

Thus, due to the necessity of providing different ad- 
dress blocks for addressing the transmitted data to dif- 
ferent users or groups of users, respectively, a plurality 
of key types has to be provided, depending on the des- 
tination and contents of data to be transmitted. 

It is therefore an object of the present invention to 
solve the above drawbacks and to provide a multimedia 
network system capable of encrypting and transmitting 
real-time communication type information such as a vid- 
eo signal which must be transmitted at high speed, so 
that the encrypted information cannot be easily decrypt- 
ed. 

This object is achieved by a multimedia network 
system according to claims 1, 2 and 3, respectively, as 
well as by a data communication method for transmitting 
data from a transmitting terminal to a receiving terminal 
in a network system according to claim 9. 

More specifically, a multimedia network system for 
transmitting real-time communication type information 
such as a television video signal and storage type infor- 
mation such as a computer file using at least one trans- 
mission path, comprises secret-key encryption means 
for encrypting the real-time communication type infor- 
mation by secret-key system in which only transmitting 
and receiving terminals of the information have encryp- 
tion and decryption keys, public-key encryption means 
for encrypting the storage type information by a public- 
key system in which all the terminals commonly have 
their own encryption keys, and only a receiving terminal 
of the information has its own decryption key, and se- 
cret-key control means for causing the secret-key en- 
cryption means to change a common encryption key in 
each communication, and causing the public-key en- 
cryption means to encrypt and transmit the changed 
key. 

The system further comprises time measurement 
means for measuring an encryption or decryption time 
of a transmission terminal which performs encryption 
using a secret-key by the secret-key encryption means 
or a reception terminal which performs decryption using 
a secret-key, and charging means for calculating charge 
information in accordance with information transmission 
or reception time measured by the time measurement 
means. 

With the above arrangement, since the secret and 
public key encryption systems are selectively adopted, 
the drawbacks of the prior arts can be eliminated, and 
high-speed information can be safely encrypted and 
transmitted. 

More specifically, when real-time communication 
type information is to be encrypted, the secret-key cryp- 
tosystem which can perform high-speed encryption/de- 
cryption processing by a relatively simple encryption 
method is used. Meanwhile, when storage type informa- 
tion is to be encrypted, a communication is performed 
using the public-key cryptosystem which can reduce a 
fear of decryption by a third party although it performs 



encryption/decryption processing at low speed. 

When a secret-key for encrypting real-time commu- 
nication type information is determined in advance, a 
communication is performed using the public-key cryp- 

5 tosystem used in encryption of storage type information, 
and the determined secret-key is abandoned after each 
communication. Thus, the secret-key for encrypting re- 
al-time communication type infomnation can be prevent- 
ed from being found out by a third party and high-speed 

10 information can be safely transmitted. 

Other features and advantages of the present in- 
vention will be apparent from the following description 
taken in conjunction with the accompanying drawings, 
in which like reference characters designate the same 

'5 or similar parts throughout the figures thereof. 

Figs. 1A and IB are block diagrams showing the 
first embodiment according to the present inven- 
tion; 

20 Fig. 2 is a schematic diagram showing a multimedia 
network system to which the first embodiment is ap- 
plied; 

Fig. 3 is a flow chart showing a schematic operation 
of the first embodiment; 
25 Fig. 4 is a diagram showing a function of a portion 
for performing encryption using a public key in Figs. 
1Aand 1B; 

Fig. 5 is a diagram showing a function of a portion 
for putting a digital signature in Figs. 1 A and 1 B; 
30 Figs. 6A and 6B are block diagrams of a meeting 
system according to the second embodiment of the 
present invention; 

Fig. 7 is a block diagram of an interface for a trans- 
mitter in the second embodiment; and 
35 Fig. 8 is a block diagram of an interface for a receiv- 
er in the second embodiment. 

An embodiment of the present invention will be de- 
scribed in detail hereinafter with reference to the accom- 
40 panying drawings. 

[First Embodiment] 

The first embodiment of the present invention will 
45 be described below with reference to Figs. 1 A to 4. 

Figs. 1 A and 1 B are block diagrams of the first em- 
bodiment of the present invention, Fig. 2 is a schematic 
diagram showing a multimedia network system to which 
the first embodiment is applied. Fig. 3 Is a flow chart 
50 showing a schematic operation of the first embodiment. 
Fig. 4 is a diagram showing a function of a portion for 
performing encryption using a public-key in Figs. 1 A and 
1 B, and Fig. 5 is a diagram showing a function of a por- 
tion for putting a digital signature in Figs. 1A and IB. 
55 In Figs. 1Aand 1B, reference numeral 1 denotes a 
first terminal for encrypting and transmitting real-time 
communication type information; 2, a second terminal 
for receiving and decrypting the encrypted real-time 
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communication type information; and 3, a transmission 
path. 

In the first temriinal 1, reference numeral 101 de- 
notes a magnetic storage device for storing storage type 
information such as computer files, electronic slips, and s 
the like in the transmission terminal 1 ; 1 02, a digital sig- 
nature unit for putting a digital signature for, when stor- 
age type information is transmitted, certifying that the 
information is surely transmitted from the first terminal 

1, and is not forged by a third party; 103, a public-key 
encryption unit for encrypting storage type information 
using a public encryption key inherent to the second ter- 
minal 2 as a destination of information; 104, a public- 
key decryption unit for decrypting storage type informa- 
tion, which is encrypted using a public encryption key 
inherent to the first terminal 1 and is transmitted to the 
first terminal, using a secret decryption key inherent to 
the terminal 1 ; 1 05, a signature confirmation unit for con- 
firming a digital signature for certifying that the storage 
type information decrypted by the public-key decryption 
unit 104 is surely transmitted from the second terminal 

2, and is not forged by a third party; 106, a real-time 
communication type information generator, such as a 
TV camera 106a, a VTR 106b, and the like, for gener- 
ating digital real-time communication type information; 
107, a synchronization signal generator for performing 
synchronization necessary for communications be- 
tween the first and second terminals 1 and 2; 1 08, a 
clock extraction unit for extracting a clock signal from 
real-time communication type information from the real- 
time communication type information generator 106; 

109, apseudo random number generator for generating 
a pseudo random number string which has a one-to-one 
correspondence with a data key given from the magnet- 
ic storage device 101, and is synchronous with a clock 
signal from the clock extraction unit 108; 110, an EX-OR 
gate for logically EX-ORing information from the real- 
time communication type information generator 106, 
and the pseudo random number from the pseudo ran- 
dom number generator 109; 111, a charge information 
acquisition unit for measuring an operation state of the 
pseudo random number generator 109, and acquiring 
information associated with a charge to be paid for in- 
formation to be transmitted; and 112, a communication 
interface for transmitting information from the public-key 
encryption unit 103, and a signal from the EX-OR gate 

110, and receiving signals from the transmission path 3 
and outputting them to the public-key decryption unit 
104. 

In the second terminal 2, reference numerals 201 
to 205 and 21 2 denote a magnetic storage device, a dig- 
ital signature unit, a public key encryption unit, a public- 
key decryption unit, a signature confirmation unit, and a 
communication interface similar to the components 1 01 
to 105 and 112 in the first terminal. Reference numeral 
206 denotes a real-time communication type informa- 
tion processor, comprising, e.g., a CRT 206a, a VTR 
206b, a magnetic storage device 206c, and the like, for 



displaying, storing, and processing real-time communi- 
cation type information; 207, a synchronization signal 
extraction unit for extracting a synchronization signal 
generated by the synchronization signal generator 107 
from signals transmitted through the transmission path 
3; 208, a received clock extraction unit for extracting a 
clock component from transmitted signals; 209, a pseu- 
do random number generator for, when the same key 
as the pseudo random number generator 109 in the first 
terminal 1 as a transmitter of real-time communication 
type Information is given, generating the same pseudo 
random number; and 210, an EX-OR gate for logically 
Ex-ORing information received from the communication 
interface 212 and the pseudo random number from the 
pseudo random number generator 209. 

In Fig. 2, reference numeral 11 denotes a transmit- 
ting station, corresponding to the first terminal 1 shown 
in Figs. 1 A and 1 B, for providing information, and receiv- 
ing a charge for the information; 21 A to 21 C, 22A to 22C, 
23A to 23C, and 24A to 24C, receiving stations, having 
the same arrangement as the second terminal 2 shown 
in Figs. 1A and IB, for receiving information from the 
transmitting station 11, and paying the charge for the 
received information; 31 , a communication satellite; 32, 
a trunk station for providing a trunk communication net- 
work using an optical fiber; 33, a communication net- 
work such as a CATV; 34, a local area network (LAN); 
341 to 344, nodes for exchanging information between 
the LAN 34 and external stations; 35, a ground station 
for performing communications between the transmit- 
ting station 11 and the communication satellite 31; and 
351 , and 361 to 363, antennas used in communications 
between the communication satellite and the ground 
station. 

Note that the transmission path 3 in Figs. 1A and 
1 B includes a transmission path using the ground sta- 
tion 35 and the communication satellite 31 shown in Fig. 
2, a transmission path using the trunk station 32. a trans- 
mission path using the CATV network 33, a transmission 
path using the LAN 34, and the like. 

The schematic operation of the system of this em- 
bodiment will be described below with reference to the 
flow chart shown in Fig. 3. 

In the system shown in Fig. 2, the transmitting sta- 
tion 11 provides real-time communication type informa- 
tion such as video information in accordance with re- 
quests from the receiving stations 21 A to 24C, and this 
information is transmitted to the requesting receiving 
station via the communication satellite 31 , the trunk sta- 
tion 32, the CATV network 33, or the LAN 34. The re- 
ceiving station pays the charge for this information. All 
the pieces of information excluding payment of this 
charge are transmitted through one of the transmission 
paths shown in Fig. 2, i.e., in an on-line manner between 
the transmitting station 11 and the receiving stations 
21 A to 24C. 

The network shown in Fig. 2 must take counter- 
measures against the following illegal actions (1 ) to (4). 
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(1 ) A third party taps real-time communication type 
information without paying any charge. 

(2) A third party disguises another receiving station, 
and requests and receives information. 

(3) A receiving station alters a demand electronic s 
slip after it receives information. 

(4) A receiving station forges a receipt electronic 
slip without paying a charge. 

In this embodiment, in order to prevent such illegal io 
actions, the transmitting station 1 1 as the first terminal 
1 is equipped with the public-key encryption unit 103, 
the public key decryption unit 104, and the pseudo ran- 
dom number generator 109 shown in Figs. 1A and IB, 
and each of the receiving stations 21 A to 24C as the is 
second terminals is equipped with the public-key en- 
cryption unit 203, the public-key decryption unit 204, and 
the pseudo random number generator 209. 

Therefore, a procedure from when each receiving 
station requests information until it pays a charge is as 20 
follows. 

In step SI, a file (electronic slip) for ordering infor- 
mation is transmitted from a given receiving station to 
the transmitting station 11. This file is encrypted/de- 
crypted by a public-key system (to be described later) 
when it is transmitted/received. The transmitting station 
which received the file transmits real-time communica- 
tion type information according to the file to the ordering 
receiving station in step S2. The transmission informa- 
tion is encrypted/decrypted by a secret-key system, as 
will be described later. 

In step S3, the receiving station transmits an elec- 
tronic slip for confirming reception to the transmitting 
station 11. In step 84, the transmitting station 11 trans- 
mits a charge demand electronic slip to the receiving 
station. The electronic slip is encrypted/decrypted by the 
public-key system (to be described later) when it is 
transmitted/received. 

The receiving station pays the charge using a 
means outside a network in step S5. The transmitting 
station 11 which confirmed the payment transmits a re- 
ceipt electronic slip to the ordering receiving station in 
step S6. This electronic slip is also encrypted/decrypted 
by the public- key system (to be described later) when it 
is transmitted/received. 

Information is provided and a charge is paid via the 
above-mentioned procedure. 

Encryption/decryption processing of this embodi- 
ment in the information communication sequence 
shown in Fig. 3 which has been schematically described 
above will be described in detail below. 

In this embodiment, real-time communication type 
information is encrypted/decrypted by the secret-key 
system using the pseudo random number generators 
109 and 209 when it is transmitted/received. 

In contrast to this, electronic slips are encrypted by 
the public-key system using the corresponding encryp- 
tion and decryption units. 



Encryption/decryption of real-time communication 
type information by the secret-key system of this em- 
bodiment will be briefly described below. 

The transmitting station 11 of this embodiment log- 
ically EX-ORs a string of real-time communication type 
information to be transmitted and a pseudo random 
number string generated by the pseudo random number 
generator 109 based on a data encryption key from the 
magnetic storage device 101, thereby encrypting and 
transmitting the real-time communication type informa- 
tion. 

A receiving station logically EX-ORs the encrypted 
signal and a pseudo random number string which is gen- 
erated by the pseudo random number generator 209 
based on a data encryption key from the magnetic stor- 
age device 201 and is the same as that generated by 
the pseudo random number generator 109 of the trans- 
mitting station 11, thereby decrypting the information. 

In the above description, the transmitting station 
and the receiving station employ the same pseudo ran- 
dom number generator. Therefore, when the same data 
encryption key is given to these generators, the same 
pseudo random number string can be generated. 

The public-key encryption/decryption system of this 
embodiment will be described below. 

In this embodiment, the public-key system is used 
to encrypt and transmit information request and receipt 
data, charge demand and receipt electronic slips, and 
a data encryption key in the secret-key system. 

When the data encryption key in the secret-key sys- 
tem v\rtiich is transmitted from the transmitting station 11 
to a source receiving station in advance is encrypted 
and transmitted by the public-key cryptosystem, the key 
can be prevented from being known to a third party. The 
key is changed for each communication, so that an en- 
cryption pseudo random number string can be prevent- 
ed from being found out upon comparison of a plurality 
of communication texts. 

Since this embodiment employs these encryption 
systems, real-time communication type information 
having a high bit rate can be safely encrypted at high 
speed in real time. 

In this embodiment, in order to particularly prevent 
the above-mentioned illegal actions (2) to (4), electronic 
slips are encrypted/decrypted by the public- key system, 
and the terminals have a function of performing a digital 
signature and a function of confirming the digital signa- 
ture using the digital signature units 102 and 202, and 
the signature confirmation units 1 05 and 205 for certify- 
ing a transmission source simultaneously with encryp- 
tion. 

Thus, in particular, the illegal actions (2) to (4) de- 
scribed above can be effectively prevented. For this rea- 
son, when an electronic slip is forged by a third party or 
is altered after transmission, such forgery or alteration 
can be detected. 

The above-mentioned public -key cryptosystem and 
the digital signature function of this embodiment will be 
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described below with reference to Figs. 4 and 5. 

The public-key cryptosystem of this embodinnent 
will first be described in detail with reference to Fig. 4. 

In Fig. 4, an input "x" represents non-encrypted in- 
formation such as an electronic slip or a data encryption s 
key; 'ke", a key used for encrypting information by the 
public-key cryptosystem; "E", an encryption unit for en- 
crypting the information "x" using the key "ke"; "y", Infor- 
mation encrypted by the encryption unit E; "kd", a key 
used tor decryption; "D", a decryption unit for decrypting io 
the encrypted information "y" using the key "kd"; "ks", 
information for determining a pair of the encryption key 
"ke" and the decryption key "kd"; and "F" and "G", de- 
vices for respectively generating the encryption key "ke" 
and the decryption key "kd" based on the information '5 
"ks". 

The information "ks" and the decryption key "kd" are 
preserved as secret information inherent to each tenni- 
nal so as not be disclosed outside the terminal. In con- 
trast to this, the encryption key "ke" is disclosed to all 20 
the terminals as public information inherent to each ter- 
minal. 

In the above arrangement, a transmitting terminal 
encrypts information using the public encryption key in- 
herent to a destination terminal to which information is 2S 
to be transmitted, and transmits the encrypted informa- 
tion. The encryption key "ke" and the decryption key "kd" 
are paired. In this case, a pair of keys with which the 
decryption key "kd" cannot be presumed from the en- 
cryption key "ke" are used. Such a pair of keys are gen- 30 
erated by utilizing a function called a one way function. 

As an example of the one way function, if two rela- 
tively prime integers are represented by "p" and "q", their 
product "n" is given by (n = p-q). More specifically "n" 
can be easily calculated from "p" and "q", but it is difficult 35 
to obtain "p" and "q" from "n". By utilizing this fact, the 
above-mentioned pair of keys can be generated. 

In this embodiment, information is encrypted using 
a public encryption key, and the encrypted information 
is transmitted. The encrypted information is decrypted 
using a secret decryption key which cannot be pre- 
sumed from the encryption key, so that safe encryption 
transmission can be guaranteed without transmitting a 
decryption key 

The digital signature function of this embodiment 45 
will be described in detail below with reference to Fig. 5. 

In Fig. 5, reference symbol 's" denotes a signed 
communication text. The same reference symbols de- 
note the portions having the same functions as in Fig. 
4, and a detailed description thereof will be omitted. so 

In the above arrangement, when a digital signature 
is transmitted, a transmitting terminal decrypts original 
information using its own decryption key and transmits 
the decrypted information. A receiving terminal encrypts 
the decrypted information using a public encryption key 55 
Since encryption and decryption have a mathematically 
inverse-functional relationship, even when the above 
operations are performed, the received and encrypted 



information can be restored to the original one before 
being subjected to decryption in the transmitting termi- 
nal. The decryption key "kd" is preserved as a secret 
method of a transmitting terminal, as described above, 
and cannot be presumed from the public encryption key 
"ke". Therefore, the receiving terminal encrypts the 
transmitted signed communication text "s" using the 
public encryption key thereby obtaining information 'x" 
as an original communication text. 

As a result, it can be certified that this information 
"x" is surely issued from a terminal which discloses the 
encryption key. Information forged by a third party who 
does not know a decryption key becomes one which is 
not subjected to proper encryption processing. Even if 
information is encrypted by an improper encryption key, 
a nonsense signal (information) can only be obtained. 

Detailed roles of the respective units when the 
above-mentioned processing operations are performed 
will be described below along an actual procedure. 

In the following description, a case will be exempli- 
fied wherein the receiving station 24B receives informa- 
tion from the transmitting station 11 , and pays a charge 
for the received information. The same applies to com- 
munications of other stations, as a matter of course. 

The receiving station 248 as the terminal 2 shown 
in Figs. 1A and IB executes processing in step SI 
shown in Fig. 3. More specifically the terminal 24B gen- 
erates an electronic slip for requesting real-time com- 
munication type information (order slip) in the magnetic 
storage device 201 . Subsequently the digital signature 
unit 202 puts a digital signature on this electronic slip 
using a secret signature decryption key inherent to the 
receiving station 24B. Furthermore, the encryption unit 
203 encrypts the electronic slip including the digital sig- 
nature using a public encryption key inherent to the 
transmitting station 11 , and transmits the encrypted slip 
to the transmission path 3 via the communication inter- 
face 212. 

The receiving station 248 is connected to the LAN 
34 via the node 343, and the signed encrypted slip from 
the receiving station 248 is sent to the LAN 34 via the 
node 343. The encrypted slip is then sent to the trans- 
mitting station 11 via the nodes 344 and 341. 

This slip is fetched in the transmitting station 11 by 
the communication interface 112. This signal is decrypt- 
ed by the public-key decryption unit 104 using a secret 
decryption key inherent to the transmitting station 11. 
The decrypted information includes the digital signature 
transmitted from the receiving station 24B, and the sig- 
nature confirmation unit 105 confirms the digital signa- 
ture transmitted from the receiving station 24B, thus cer- 
tifying that the electronic slip is sent from the receiving 
station 248. This electronic slip is stored in the magnetic 
storage device 101. 

The transmitting station 11 then executes process- 
ing in step S2 shown in Fig. 3. More specifically the sta- 
tion 11 determines a secret-key encryption data key 
used when real-time communication type information is 
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transmitted. The station 11 causes the digital signature 
unit 102 to put a signature on the data key. The public- 
key encryption unit 103 then encrypts the data key using 
a public key. The data key is transmitted to the receiving 
station 24B. The receiving station 24B decrypts the re- 5 
ceived signal, confirms the signature, and receives the 
data key. The station 24B sets up the pseudo random 
number generator 209 using this data key to prepare for 
reception of real-time communication type information. 
Thereafter, the receiving station 24B sends, to the trans- io 
mitting station 11, a message indicating that the station 
24B is ready for reception. 

When the transmitting station 11 receives the recep- 
tion ready message, it sets up the pseudo random 
number generator 1 09 using the same data key as that ^5 
transmitted to the receiving station 24B, and thereafter, 
energizes the synchronization signal generator 107 to 
generate a synchronization signal. The station 11 then 
starts an operation of a requested device of the real-time 
communication type information generator 1 06, and log- 20 
ically EX-ORs a signal train output from this device and 
a pseudo random number string, thereby encrypting the 
signal train. The station 11 transmits the encrypted sig- 
nal train to the receiving station 24B via the communi- 
cation interface 112. In the receiving station 24B which 
received the encrypted signal train via the communica- 
tion interface 21 2, the synchronization signal extraction 
unit 207 detects a synchronization signal in this signal 
train to start the pseudo random number generator 209. 

The EX-OR gate 210 logically EX-ORs the encrypt- 
ed real-time communication type information from the 
transmitting station 11, and a pseudo random number 
string generated by the pseudo random number gener- 
ator 209, thereby decrypting the information. The de- 
crypted information is input to the CRT 206a, the VTR 
206b, and the like. 

The pseudo random number generators 109 and 
209 of the transmitting station 11 and the receiving sta- 
tion 24B are respectively connected to the charge infor- 
mation acquisition units 111 and 211 for measuring op- 
eration times of their own apparatuses and acquiring 
charge information. The charge information acquisition 
units 111 and 211 allow demand and payment of a 
charge corresponding to a transmitted information vol- 
ume. 

In this embodiment, since the charge information 
acquisition units 111 and 211 for measuring operation 
times of their own apparatuses and acquiring charge in- 
formation are connected, the acquired charge informa- 
tion is output to, e.g., a display, so that both the trans- 
mitting and receiving stations can grasp the charge in- 
formation. Thus, preparation for a later payment can be 
smoothly performed. 

When the acquired charge information is transmit- 
ted at the end of a communication, a future trouble can 
be prevented. 

Upon completion of transmission of the real-time 
communication type information, the receiving station 



24B executes processing in step S3 in Fig. 3. More spe- 
cifically, the station 24B puts a signature on and en- 
crypts a receipt electronic slip (reception confirmation 
slip) under the same control as described above, and 
sends it to the transmitting station 11. 

The transmitting station 1 1 similarly puts a signature 
on and encrypts a charge demand electronic slip, and 
sends it to the receiving station 24B in step S4 in Fig. 3. 

The receiving station 24B pays the charge to the 
transmitting station 11 via a bank or by another method 
in step S5. 

The transmitting station 11 puts a signature on and 
encrypts a receipt electronic slip, and sends it to the re- 
ceiving station 24B in step S6. thus completing a unit of 
information service transaction. 

As described above, since this embodiment exe- 
cutes the above-mentioned procedure, real-time com- 
munication type information can be safety encrypted 
and transmitted at high speed in real time while an en- 
cryption key is prevented from being known to or pre- 
sumed by a third party. In addition, electronic slips can 
be prevented from being forged or altered. 

Since all the communication texts are encrypted, a 
third party cannot know contents of information transac- 
tions. Therefore, not only contents but also the pres- 
ence/absence of communications can be kept secret. 

[Another Embodiment] 

The present invention is not limited to the encryp- 
tion/decryption processing in the above-mentioned sys- 
tem, and is not limited to the arrangement and control 
of the above embodiment, either. The encryption/de- 
cryption processing of the present invention is applica- 
ble to various other data transmission systems. 

The second embodiment of the present invention in 
which the present invention is applied to another system 
will be described below with reference to Figs. 6A to 8. 

In recent years, a meeting system utilizing a net- 
work, so-called, an electronic meeting or television 
meeting system, has become increasingly popular 
Such a meeting system utilizes a LAN provided in an 
office and a public circuit to exchange signals from a 
television camera for picking up images of men or arti- 
cles, a document image, or signals from an image scan- 
ner between meeting rooms at remote locations. In gen- 
eral, a plurality of electronic meeting rooms are connect- 
ed to the LAN provided in the office, and infomnation Is 
transmitted through a public circuit network. Therefore, 
in order to prevent a meeting from being intercepted by 
another meeting room or to prevent information being 
tapped by a third party, information must be encrypted. 
Figs. 6A and 6B are schematic block diagrams of the 
meeting system of this embodiment. In Figs. 6 A and 6B, 
reference numeral 5 denotes a first office in a given en- 
terprise; and 6, a second office of the given enterprise. 
These two offices are connected through a public circuit 
7. 
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In the first office 5, reference numeral 51 denotes a 
first meeting room A of the office 5; 52 and 53, second 
and third meeting rooms C and D of this office; 511 to 
51 5, devices equipped in the meeting room A (reference 
numeral 511 denotes a controller; 512, a display; 513, s 
a document presentation CRT; 51 4, a television camera; 
and 51 5, an image scanner); 551 to 555, nodes; 561 , a 
transmission line of the LAN; and 562, a transmission 
path branching from the LAN. These transmission lines 
comprise coaxial cables or optical fiber cables. io 

In the second office 6, meeting rooms B 61 and E 
62, nodes 651 to 655, an interface 64, and transmission 
paths 661 and 662 which are the same as those in the 
office 5 are equipped. 

Figs. 7 and 8 show schematic arrangements of '5 
communication interfaces for executing encryption of 
the respective devices excluding the controllers 
equipped in the meeting rooms shown in Figs. 6A and 
6B in the meeting system of this embodiment with the 
above arrangement. 20 

Fig. 7 is a diagram of an interface for a transmitting 
equipment such as the television camera, the image 
scanner, or the like for transmitting information, and Fig. 
8 is a diagram of an interface for a receiving equipment 
such as the display, the CRT, or the like for receiving 25 
information. 

In Figs. 7 and 8, reference numerals 71 and 81 de- 
note these information equipments; 72 and 82, clock ex- 
traction circuits for extracting clock components from in- 
formation signals; 73 and 83; pseudo random number 30 
generators; 74 and 84, control circuits for controlling 
synchronization of communications, generation of 
pseudo random numbers, automatic operations of the 
information equipments, and the like; 75 and 85, EX-OR 
gates for logically EX-ORing signals; and 76 and 86. 35 
transmission/reception circuits for transmitting/receiv- 
ing signals onto/from transmission lines. 

The operation of this embodiment with the above 
arrangement will be described below. In the following 
description, a case will be exemplified below wherein a 40 
meeting is performed between the meeting rooms A 51 
and B 61. The meeting rooms 52, 53, 62, and the like 
have the same functions as those of these meeting 
rooms, and the same operations are performed among 
other meeting rooms, as a matter of course. ^ 

Assume that the controllers of the meeting rooms, 
e.g., the controllers 511 and 611 have an information 
encryption function by the public-key cryptosystem de- 
scribed in the first embodiment. 

The controller 511 of the meeting room 51 deter- so 
mines a data key for the secret-key cryptosystem for the 
equipments in the meeting rooms 51 and 61 prior to the 
meeting between the meeting rooms 51 and 61 . The 
controller 51 1 encrypts data key by the same public-key 
system as in the first embodiment, and transmits it to 55 
the controller 61 1 of the meeting room 61 . The controller 
51 1 then transmits the data key to the control circuits 74 
and 84 of all the equipments in the meeting room 51, 



thereby setting up encryption communication interfaces 
of these equipments. 

The controller 611 similarly transmits the data key 
to the controllers of the equipments in the meeting room 
61 , thereby setting up the interfaces. 

Thereafter, the respective equipments are synchro- 
nized using synchronization signals therefrom, and a 
communication is started. 

In this state, information from each transmitting 
equipment is logically EX-ORed with a pseudo random 
number string based on the predetemnined data key so 
as to be encrypted, and the encrypted information is 
transmitted. Each receiving equipment decrypts the sig- 
nal using the same pseudo random number string, and 
receives it. Encryption/decryption during these opera- 
tions are perfonned in the same manner as in the first 
embodiment described above. 

When the electronic meeting is performed in this 
manner, it can be prevented from being intercepted 
from, e.g.. the meeting room C 52 or D 53. 

The information can also be prevented from being 
tapped by a third party during transmission along the 
public circuit. 

The first and second embodiments of the present 
invention have been described in detail. However, the 
application range of the present invention is not limited 
to these embodiments. 

More specifically in multimedia networks for trans- 
mitting real-time communication type information which 
must be encrypted in real time, and storage type infor- 
mation which requires safety-guaranteed encryption 
and certification of an information source via the same 
medium, the present invention is applicable to various 
other systems, and does not depend on network sys- 
tems, and kinds of terminals. 

As described above, according to the present in- 
vention, in a multimedia network for communicating re- 
al-time time communication type information and stor- 
age type information, the real-time communication type 
information is encrypted by the secret-key system, and 
the storage type information is encrypted by the public- 
key system. In addition, a data key in the secret-key sys- 
tem is encrypted by the public-key system, and the en- 
crypted key is transmitted. 

For this reason, in particular, real-time communica- 
tion type information can be encrypted more safely at 
higher speed. 

Since a means for measuring an operation time of 
secret-key encryption device is arranged, charge infor- 
mation for the transmitted information can be acquired 
by a simple device. 

As many apparently widely different embodiments 
of the present invention can be made without departing 
from the scope thereof, it is to be understood that the 
invention is not limited to the specific embodiments 
thereof except as defined in the appended claims. 
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Claims 

1. A multimedia networlc system for transmitting real- 
time data such as a television video signal and 
stored data sucli as a computer file using at least s 
one transmission path, comprising: 

a transmitting terminal (1) comprising 

a secret-key encryption means (108, 109, 110; 
72, 73. 75) for encrypting the real-time data by io 
a secret-key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key encryption means (103) for en- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a first secret-key control means (101, DATA 
KEY; 74) for causing said secret-key encryption 
means to change the secret-key, 

characterized in that 

said first sec ret- key control means causes 
said public-key encryption means to encrypt and 
transmit the changed secret-key, and causes said 
secret-key encryption means to change the secret- 
key in response to the reception of a data transmis- 30 
sion request from a receiving temninal each time 
such a data transmission request is received. 

2. A multimedia network system for transmitting real- 
time data such as a television video signal and 35 
stored data such as a computer file using at least 
one transmission path, comprising: 

a receiving terminal (2) comprising 

a secret-key decryption means (208, 209; 82, 40 
83, 85) for decrypting the real-time data by a 
secret-key system in which data transmitting 
terminals and data receiving temninals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key decryption means (204) for de- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- so 
sponding terminal; and 

a second secret-key control means (201 , DATA 
KEY; 84) for causing said secret-key decryption 
means to change the secret-key, 

55 

characterized in that 

said receiving terminal (2) further comprises re- 



quest transmission means (201 , 202, 203, 21 2) 
for transmitting a data transmission request to 
a transmitting terminal, and 
said second secret-key control means causes 
said secret-key decryption means to change 
the secret-key in response to the reception of 
a new secret-key from a transmitting temninal 
each time such a new secret-key is received in 
response to the transmission of such a data 
transmission request from the receiving termi- 
nal. 

3. A multimedia network system for transmitting real- 
time data such as a television video signal and 
stored data such as a computer file using at least 
one transmission path, comprising: 
a transmitting terminal (1) comprising 

a secret-key encryption means (108, 109; 72, 
73, 75) for encrypting the real-time data by a 
secret-key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key encryption means (103) for en- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a first secret-key control means (101, DATA 
KEY; 74) for causing said secret-key encryption 
means to change the secret-key; and 

a receiving terminal (2) comprising 

a secret-key decryption means (208, 209; 82, 
83, 85) for decrypting the real-time data by a 
secret- key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key decryption means (204) for de- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal Is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a second secret-key control means (201 , DATA 
KEY; 84) for causing said secret-key decryption 
means to change the secret-key, 

characterized in that 

said receiving terminal further comprises re- 
quest transmission means (201, 202, 203, 
2012) for transmitting a data transmission re- 
quest to a transmitting terminal, and 
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said first secret-key control means causes said 
public-key encryption means to encrypt and 
transmit the changed secret-key, and causes 
said secret-key encryption means to change 
the secret-key in response to the reception of 
a data transmission request from a receiving 
terminal each time such a data transmission re- 
quest is received, and 

said second secret-key control means causes 
said secret-key decryption means to change 
the secret-key in response to the reception of 
a new secret-key from a transmitting terminal 
each time such a new secret-key is received in 
response to the transmission of such a data 
transmission request from the receiving termi- 
nal. 

4. The system according to claim 3, 
characterized In that 

said transmitting terminal for performing encryption 
using the secret-key by said secret-key encryption 
means or said receiving terminal for performing de- 
cryption using the secret-key by said secret-key de- 
cryption means further comprises time measure- 
ment means (107. 108; 207, 208) for measuring an 
encryption or decryption time, and charge means 
(111; 211) for calculating charge information in ac- 
cordance with a transmission or reception time of 
information measured by said time measurement 
means. 

5. The system according to claim 3, 
characterized in that 

a file for ordering information from said receiving 
terminal to said transmitting terminal, and the real- 
time data transmitted from said transmitting termi- 
nal to said receiving terminal in accordance with the 
file are encrypted using the secret-key by said se- 
cret-key encryption means, and a reception confir- 
mation file for the real-time data, which file is trans- 
mitted from said receiving terminal to said transmit- 
ting terminal, and a charge demand file from said 
transmitting terminal to said receiving terminal are 
encrypted by said public-key encryption means, 
and are decrypted by the decryption key inherent to 
said receiving terminal. 

6. The system according to claim 5, 
characterized in that 

said public-key encryption means of said transmit- 
ting terminal encrypts real-time data by logically EX- 
ORing a real-time data string and a pseudo random 
number string generated based on the stored data 
encryption key, and transmits the encrypted real- 
time data. 

7. The system according to claim 5, 
characterized in that 



said public-key encryption means of said receiving 
terminal decrypts real-time data by logically EX- 
ORing a received real-time data string and a pseu- 
do random number string generated based on the 
s stored data encryption key. 

8. The system according to claim 5, 
characterized in that 

10 said transmitting temninal further comprises 

digital signature means (102) for putting a dig- 
ital signature for certifying a transmission 
source simultaneously with encryption when 
files are transmitted, and 

IS said receiving terminal further comprises con- 

firmation means (205) for confirming the digital 
signature. 

9. A data communication method for transmitting data 
20 from a transmitting terminal to a receiving terminal 

in a network system, wherein each of the transmit- 
ting and the receiving terminals comprise a secret- 
key encryption unit and a secret-key decryption unit 
each for encrypting and decrypting data by a secret- 
es key system in which only transmitting and receiving 
terminals know the secret-key used for encryption 
and decryption of transmitted data and comprising 
a public-key encryption unit and a public-key de- 
cryption unit for encrypting and decrypting data by 
30 a public-key system in which the encryption key of 
each terminal is commonly accessible but the de- 
cryption key of each terminal is held private by each 
corresponding terminal, said method comprising 
the steps of: 

35 

requesting data transmission from the receiv- 
ing terminal to the transmitting terminal; 
encrypting, a secret-key of the secret-key en- 
cryption unit in the transmitting terminal, by the 
40 public-key encryption unit in the transmitting 

terminal; 

transmitting the encrypted secret-key from the 
transmitting terminal to the receiving terminal; 
decrypting the encrypted secret-key by the 
4S public-key decryption unit and setting secret- 

key in the secret-key encryption unit in the re- 
ceiving terminal; 

encrypting a requested data by the secret-key 
encryption unit in the transmitting terminal; 
so transmitting the requested and encrypted data 

from the transmitting terminal to the receiving 
terminal; 

decrypting the transmitted data by the secret- 
key decryption unit in the receiving terminal; 

55 

wherein 

the secret-key encryption unit of the transmit- 
ting terminal changes the secret-key each time a 
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request of data transmission is received from the 
receiving terminal. 

Patentanspruche 5 

1 . tVlultimedianetzwerksystem zur Sendung von Ecfit- 
zeitdaten, beispielsweise eines Femsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Computerdatei, unter Verwendung wenigstens io 
eines Obertragungsweges, mit: 
einer Sendestation (1) mit 



einem Verschlusselungsmittel (204) fur offent- 
lichen Code zur Verschlusselung der gespei- 
cherten Daten durch ein System mit offentli- 
chem Code, bei dem der Verschlusselungsco- 
de einer jeden Station gemeinschaftlich zu- 
ganglich ist, jedoch der Verschlusselungscode 
einer jeden Station von jeder zugehorigen Sta- 
tion im engen Kreis gehalten wird; und 
einem zweiten Geheimcodesteuermittel (201, 
DATA KEY; 84) zur Veranlassung des Geheim- 
codeverschlusselungsmittels zur Anderung 
des Geheimcodes, 



einem Geheimcodeverschlusselungsmittel 
(108, 109. 110; 72, 73. 75) zur Verschlusselung 
der Echtzeitdaten durch ein Geheimcodesy- 
stem, bei dem Datensende- und Datenemp- 
fangsstationen beide den Geheimcode ken- 
nen, der zur Verschlusselung und zur Ent- 
schlusselung von gesendeten Daten benutzt 20 
wird; 

einem Verschlusselungsmittel mit offentlichem 
Code (103) zur Verschlusselung der Speicher- 
daten durch ein System mit offentlichem Code, 
bei dem der Verschlusselungscode einer jeden 25 
Station gemeinschaftlich zuganglich ist, jedoch 
der Verschlusselungscode einer jeden Station 
im engen Kreis einer jeden zugehorigen Station 
gehalten wird; und 3. 
einem ersten Geheimcode- Steuermittel (101, 30 
DATA KEY; 74) zur Veranlassung des Geheim- 
codeverschlusselungsmittels zur Anderung 
des Geheimcodes, 

dadurch gekennzelchnet, daf3 3S 

das erste Geheimcodesteuermittel das Ver- 
schlusselungsmittel mit offentlichem Code zur Ver- 
schlusselung und Sendung des geanderten Ge- 
heimcodes veranla3t und das Geheimcodever- 
schlOsselungsmittel zur Anderung des Geheimco- 40 
des abhangig vom Empfang von einer Datensende- 
anfordrung aus einer Empfangsstation bei jeder 
empfangenen Datensendeanforderung veranlaBt. 

2. Multimedianetzwerksystem zur Sendung von Echt- 
zeltdaten, beispielsweise eines Fernsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Computerdatei, unter Venvendung wenigstens 
eines Obertragungsweges, mit: 
einer Empfangsstation (2) mit 50 

einem Gehelmcodeverschlusselungsmittel 
(208, 209; 82, 83, 85) zur Verschlusselung der 
Echtzeitdaten durch ein Geheimcodesystem, 
bei dem Datensendestationen und Datenemp- 55 
fangsstationen beide den zur Verschlusselung 
und Entschlusselung der gesendeten Daten 
venwendeten Geheimcode kennen; 



dadurch gekennzelchnet, da3 

die Empfangsstation (2) des weiteren ausge- 
stattet ist mit Sendeanforderungsmittein (201. 
202, 203, 21 2) zur Sendung einer Datensende- 
anforderung an eine Sendestation, und 
das zweite Geheimcodesteuermittel die Ge- 
heimcodeverschlusselungsmittel zur Ande- 
rung des Geheimcodes abhangig vom Emp- 
fang eines neuen Geheimcodes aus einer Sen- 
destation jedesmal veranla3t, wenn ein neuer 
Geheimcode abhangig von der Sendung einer 
solchen Datensendeanforderung aus der Emp- 
fangsstation empfangen wird. 

Multimedianetzwerksystem zur Sendung von Echt- 
zeitdaten, beispielsweise eines Fernsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Computerdatei, unter Verwendung wenigstens 
eines Obertragungsweges, mit: 
einer Sendestation (1) mit 

einem Geheimcodeverschlusselungsmittel 
(108, 109, 72, 73, 75) zur Verschlusselung der 
Echtzeitdaten mit einem Geheimcodesystem, 
bei dem Datensendestationen und Datenemp- 
fangsstationen beide den der Verschlusselung 
und Entschlusselung der Obertragenen Daten 
dienenden Geheimcode kennen; 
einem Verschlusselungsmittel (103) fur offent- 
lichen Code zur Verschlusselung der gespei- 
cherten Daten durch ein System mit offentli- 
chen Code, bei dem der Verschlusselungscode 
einer jeden Station gemeinschaftlich zugang- 
lich Ist, aber der Verschlusselungscode einer 
jeden Station von jeder zugehorigen Station im 
engen Kreis gehalten wird; und 
einem ersten Geheimcodesteuermittel (101, 
DATA KEY; 74), urn die Geheimcodeverschlus- 
selungsmittel zur Anderung des Geheimcodes 
zu veranlassen; und 

einer Empfangsstation (2) mit 

einem Geheimcodeverschlusselungsmittel 
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(208, 209; 82, 83. 85) zur Verschlusselung der 
Echtzeitdaten durch ein Geheimcodesystem. 
bei dem Datensendestationen und Datenemp- 
fangsstationen beide den der Verschlusselung 
und Entschlusselung der gesendeten Daten 5 
dienenden Geheimccxie kennen; 
einenn Verschlusselungsnnitte! (204) mil offent- 
lichem Code zur Verschlusselung der gespel- 
cherten Daten durch ein System mit offentfi- 
chem Code, bei dem der Verschlusselungsco- io 
de einer jeden Station gemeinschaftlich zu- 
ganglich ist, jedoch der VerschlOsselungscode 
einer jeden Station von jeder zugehorlgen Sta- 
tion im engen Krets gehalten wird; 
einem zweiten Geheimcodesteuermittel (201, '5 
DATA KEY; 84) zur Veranlassung des Geheim- 
codeverschlusselungsmittels, den Geheim- 
code zu andem, 

dadurch gekennzeichnet, da3 20 

die Empfangsstation des weiteren ausgestattet 
ist mit Sendeanforderungsmitteln (201, 202, 
203, 2012) zur Sendung einer Datensendean- 
forderung an eine Sendestation, und dal3 25 
das erste Geheimcodesteuermittel das Ver- 
schlusselungsmittel mit offentllchem Code zur 
Verschlusselung und Sendung des geanderten 
Geheimcodes veranla3t und das Geheimcode- 
verschlusselungsmittel zur Sendung der Anfor- 30 
derung aus einer Empfangsstation bei jedem 
Empfang einer Datensendeanforderung veran- 
Ia3t, und da3 

das zweite Geheimsteuermittel das Geheim- 
codesteuermittel zur Anderung des Geheimco- 3S 
des abhangig vom Empfang eines neuen Ge- 
heimcodes aus einer Sendestation veranlaRt, 
immer wenn ein neuer Geheimcode abhangig 
von der Sendung einer solchen Datensendean- 
forderung von der Empfangsstation empfan- 40 
gen wird. 

4. System nach Anspruch"3, 
dadurch gekennzeichnet, da3 

45 

die Sendestation zur Ausfuhrung der Ver- 
schlusselung unter Verwendung des Geheim- 
codes durch das Geheimcodeverschlusse- 
lungsmittel oder die Empfangsstation zur Aus- 
fuhrung der Entschlusselung unter Verwen- so 
dung des Geheimcodes durch das Geheim- 
codeentschlusselungsmittel des weiteren aus- 
gestattet ist mit 

Zeitmef5mitteln (107, 108; 207, 208) zur Mes- 
sung einer Verschlusselungs- oder Entschlus- 5S 
selungszeit, Gebuhrenmitteln (11 1 ; 211 ) zur Er- 
rechnung der GebOhren information gemafJ ei- 
ner von den ZeitmefJmitteIn gemessenen Sen- 



de- Oder Empfangszeit der Information. 

5. System nach Anspruch 3, 
dadurch gekennzeichnet, da3 

eine Datei zur Informationsanforderung aus 
der Empfangsstation an die Sendestation und zur 
Anforderung der Echtzeitdaten, die aus der Sende- 
station an die Empfangsstation gema8 der Datei 
unter Verwendung des vom Geheimcodeverschlus- 
selungsmittel verschlusselten Geheimcodes ge- 
sendet werden, und einer Empfangsbestatigungs- 
datei fur von der Empfangsstation an die Sendesta- 
tion gesendete Echtzeitdaten, wobei eine Gebuh- 
renforderungsdatei aus der Sendestation an die 
Empfangsstation von den Verschlusselungsmittein 
fur offentlichen Code verschlusselt und mit dem der 
Empfangsstation eigenen Entschlusselungscode 
entschlussett wird. 

6. System nach Anspruch 5, 
dadurch gekennzeichnet, da3 

das VerschlQsselungsmittel mit offentllchem 
Code der Sendestation die Echtzeitdaten durch lo- 
gisches EX- ODERn einer Echtzeitdatenkette mit 
einer auf der Grundlage des gespeicherten Daten- 
verschlusselungscodes erzeugten Pseudozufalls- 
zahlenkette verschlusselt und die verschlusselten 
Echtzeitdaten sendet. 

7. System nach Anspruch 5, 
dadurch gekennzeichnet, da(3 

das VerschlQsselungsmittel mit offentllchem 
Code der Empfangsstation Echtzeitdaten durch lo- 
gisches EX- ODERn einer empfangenen Echtzeit- 
datenkette mit einer auf der Grundlage des gespei- 
cherten Datenverschlusselungscode erzeugten 
Pseudozufallszahlenkette verschlusselt. 

8. System nach Anspruch 5, 
dadurch gekennzeichnet, da3 

die Sendestation des weiteren ausgestattet 
ist mit digitalen Unterschriftsmittein (102) zur Gabe 
einer digitalen Unterschrift, um eine Sendequelle 
gleichzeitig mit der VerschlDsselung bei Sendung 
von Dateien zu sichern, und daB die Empfangssta- 
tion des weiteren Bestatigungsmittel (205) zur Be- 
statigung der digitalen Unterschrift enthalt. 

9. Datenubertragungsvertahren zur Datensendung 
aus einer Sendestation an eine Empfangsstation in 
ein Netzwerksystem, wobei jede der Sende- und 
Empfangsstation en eine Geheimcodeverschlusse- 
lungseinheit und eine Geheimcodeentschlusse- 
lungseinheit zur Verschlusselung und Entschlusse- 
lung von Daten durch ein Geheimcodesystem be- 
sitzt, bei dem nur Sende- und Empfangsstationen 
den Geheimcode kennen, der zur Ver- und Ent- 
schlusselung der gesendeten Daten dient und aus- 
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gestattet ist mit einer Verschlusselungseinheit mil 
offentlichem Code und einer Entschlusselungsein- 
heit mit offentlichem Code zur Verschlussetung und 
Entschlusselung der Daten durch ein System mit of- 
fentlichem Code, bei dem der Verschlusselungsco- s 
de einer jeden Station gemeinschaftlich zuganglich 
ist, aberder VerschlOsselungscode einer jeden Sta- 
tion von der zugehorigen Station im engen Kreis ge- 
halten wird, mit den Verfahrensschritten: 

10 

Datensendeanforderung von der Empfangs- 
station an die Sendestation; 
Verschlusselung eines Geheimcodes der Ge- 
heimcodeverschlusselungseinheit in der Sen- 
destation durch eine Verschlusselungseinheit '5 
mit offentlichem Code in der Sendestation; 
Senden des verschlusselten Geheimcodes von 
der Sendestation an die Emptangsstation; 
Entschlussein des verschlusselten Geheimco- 
des mit der Entschlusselungseinheit fur offent- 20 
lichen Code und Einsetzen des Geheimcodes 
in die Geheimcodeverschlusselungseinheit in 
der Emptangsstation; 

Verschlussein angeforderter Daten durch die 
Geheimverschlusselungseinheit in der Sende- 2S 
station; 

Senden der angeforderten und verschlusselten 
Daten aus der Sendestation an die Emptangs- 
station; 

Entschlussein der gesendeten Daten durch die 
GeheimcodeentschlOsselungseinheit in der 
Emptangsstation; wobei 
die Geheimcodeverschlusselungseinheit der 
Sendestation den Geheimcode bei jeder von 
der Emptangsstation empfangenen Datensen- 
deanforderung andert. 

Revendications 

1. Syst6me de r6seau multimedia pour transmettre 
des donn6es en temps r6el, comme un signal vid6o 
de television, et des donnees enregistrees telles 
qu'unflchier informatique, en utilisantau moins une 
voie de transmission, comprenant : 
un terminal emetteur (1) comprenant 



la c\6 de cryptage de chaque terminal est ac- 
cessible de fafon commune, mais la cl6 de 66- 
cryptage de chaque terminal est gard6e priv6e 
par chaque terminal correspondant; et 
des premiers moyens de commande de cl6 se- 
crete (101, DATA KEY; 74) pour faire en sorte 
que les moyens de cryptage ^ cl6 secrete chan- 
gent la eld secrdte, 

caract6ris6 en ce que 

les premiers moyens de commande de cl6 se- 
crfete font en sorte que les moyens de cryptage k 
cl6 publique cryptent et 6mettent la cl6 secrete 
changde, et ils font en sorte que les moyens de 
cryptage ^ cl6 secrete changent la cl6 secrete sous 
I'effet de ta reception d'une demande d'6mlssion de 
donn6es provenant d'un terminal r6cepteur, chaque 
fois qu'une telle demande d'dmission de donn6es 
est re9ue. 

2. Syst6me de r6seau multimedia pour transmettre 
des donnees en temps reel, comme un signal vid6o 
de television, et des donnees enregistrees telles 
qu'un fichier informatique, en utilisant au moins une 
voie de transmission, comprenant : 
un terminal recepteur(2) comprenant 



des moyens de d6cryptage ^ cl6 secrete (208, 
209; 82, 83, 85) pour decrypter les donnees en 
30 temps reel par un systeme k cle secrete, dans 

lequel des terminaux 6metteurs de donnees 
ainsi que des terminaux recepteurs de donnees 
connaissent la cle secrete qui est utilisee pour 
le cryptage et le d6cryptage de donn6es 6mi- 
35 ses; 

des moyens de decryptage k cle publique (204) 
pour d6crypter les donn6es enregistrees au 
moyen d'un systeme k cl6 publique dans lequel 
la cle de cryptage de chaque terminal est ac- 
40 cessible de fa^on commune, mais la cle de de- 

cryptage de chaque terminal est gardee privee 
par chaque terminal correspondant; et 
des seconds moyens de commande de cie se- 
crete (201, DATA KEY; 84) pour faire en sorte 
45 que les moyens de decryptage k cl6 secrete 

changent la cle secrete. 



des moyens de cryptage k cl6 secrete (108, 
109, 110; 72, 73, 75) pour crypter les donndes 
en temps reel par un systeme ^ cie secrete 
dans lequel des temninaux emetteurs de don- 
nees ainsi que des terminaux recepteurs de 
donnees connaissent la cie secrete qui est uti- 
lisee pour le cryptage et decryptage de don- 
nees emises; 

des moyens de cryptage k cle publique (103) 
pour crypter les donnees enregistrees au 
moyen d'un systeme k cie publique dans lequel 



caracterise en ce que 

50 le terminal recepteur (2) comprend en outre des 

moyens d'6mission de demande (201, 202, 
203, 212) pour emettre une demande d'emis- 
slon de donnees vers un terminal emetteur, et 
les seconds moyens de commande de cle se- 

55 Crete font en sorte que les moyens de decryp- 

tage a cte secrete changent la cie secrete sous 
I'effet de la reception d'une nouvelle cie secrete 
k partir d'un terminal emetteur, chaque fois 
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qu'une telle nouvelle cl§ secrete est re^ue sous 
I'effet de remission d'une telle demande 
d'6mission de donn6es ^ partir du terminal r6- 
cepteur 

5 

3. Systdme de rdseau multimedia pour transmettre 
des donndes en temps r6el, comme un signal vid6o 
de television, et des donn^es enregistrdes telles 
qu'un fichier informatique, en utilisant au moins une 
voie de transmission, comprenant : 
un temiinal 6metteur (1) comprenant 

des moyens de cryptage k cl6 secrete (108, 
109; 72, 73, 75) pour crypter les donnees en 
temps reel par un systeme k cie secrete dans 75 
lequel des terminaux 6metteurs de donnees 
ainsi que des terminaux r6cepteurs dedonnees 
connaissent la cle secrete qui est utilisee pour 
le cryptage et decryptage de donnees emises; 
des moyens de cryptage ^ cl6 publique (103) 20 
pour crypter les donn6es enregistr6es au 
moyen d'un systeme ^ cie publique dans lequel 
la cle de cryptage de chaque terminal est ac- 
cessible de fagon commune, mais la cl6 de de- 
cryptage de chaque terminal est gardee privee 25 
par chaque terminal correspondant; et 
des premiers moyens de commande de cl6 se- 
crete (101, DATA KEY; 74) pour faire en sorte 
que les moyens de cryptage a cie secrete chan- 
gent la cie secrete; et ^0 

un terminal recepteur(2) comprenant 

des moyens de decryptage k cl6 secrete (208, 
209; 82, 83, 85) pour d6crypter les donnees en 55 
temps reel par un systeme a cie secrete, dans 
lequel des terminaux emetteurs de donnees 
ainsi que des terminaux r6cepteu rs de donnees 
connaissent la cle secrete qui est utilisee pour 
le cryptage et le decryptage de donnees emi- 40 
ses; 

des moyens de decryptage k cl6 publique (204) 
pour decrypter les donnees enregistrees au 
moyen d'un systeme k cl6 publique dans lequel 
la cie de cryptage de chaque terminal est ac- ^5 
cessible de fa9on commune, mais la cie de de- 
cryptage de chaque terminal est gardee privee 
par chaque terminal correspondant; et 
des seconds moyens de commande de cie se- 
crete (201, DATA KEY; 84) pour faire en sorte so 
que les moyens de decryptage h cie secrete 
changent la cie secrete, 

caractehse en ce que 

55 

le terminal recepteur comprend en outre des 
moyens d'emission de demande (201, 202, 
203, 212) pour 6mettre une demande d'emis- 



sion de donnees vers un terminal 6metteur, et 
les premiers moyens de commande de cl6 se- 
crete font en sorte que les moyens de cryptage 
k cie publique cryptent et emettent la cie secre- 
te changee, et ils font en sorte que les moyens 
de cryptage k cl6 secrete changent la cie se- 
crete sous I'effet de la reception d'une deman- 
de d'emission de donnees provenant d'un ter- 
minal recepteur, chaque fois qu'une telle de- 
mande d'emission de donnees est regue, et 
les seconds moyens de commande de cie se- 
crete font en sorte que les moyens de decryp- 
tage k cie secrete changent la cie secrete sous 
I'effet de la reception d'une nouvelle cie secrete 
provenant d'un terminal emetteur, chaque fois 
qu'une telle nouvelle cie secrete est regue sous 
I'effet de remission d'une telle demande 
d'emission de donnees par le terminal recep- 
teur. 

4. Systeme selon la revendication 3, 
caracterise en ce que 

le terminal emetteur pour effectuer un cryptage par 
les moyens de cryptage k cie secrete, en utilisant 
la cie secrete, ou le terminal recepteur pour effec- 
tuer un decryptage par les moyens de decryptage 
k cie secrete, en utilisant la cie secrete, comprend 
en outre des moyens de mesure de temps (107, 
1 08; 207, 208) pour mesurer une duree de cryptage 
ou de decryptage, et des moyens de taxation (111; 
211) pour calculer une information de taxation con- 
formement a une duree d'emission ou de reception 
d'information qui est mesuree par les moyens de 
mesure de temps. 

5. Systeme selon la revendication 3, 
caracterise en ce que 

un fichier pour demander de information au temni- 
nal emetteur, k partir du terminal recepteur, et les 
donnees en temps reel qui sont emises par le ter- 
minal emetteur vers le terminal recepteur confor- 
m6ment au fichier, sont cryptes par les moyens de 
cryptage k cie secrete en utilisant la cie secrete, et 
un fichier de confirmation de reception pour les don- 
nees en temps r6el, qui est emis par le terminal re- 
cepteur vers le terminal emetteur, et un fichier de 
demande de taxe qui est emis par le terminal emet- 
teur vers le terminal recepteur, sont cryptes par les 
moyens de cryptage k cie publique, et sont decryp- 
tes avec la cle de decryptage qui est inherente au 
terminal recepteur. 

6. Systeme selon la revendication 5, 
caracterise en ce que 

les moyens de cryptage k cie publique du terminal 
emetteur cryptent des donnees en temps reel en 
effectuantunecombinaison logiqueOU-EXCLUSIF 
d'une chaTne de donnees en temps r6el et d'une 
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chaTne de nombre pseudo-al6atoire qui est g6n6- 
rde sur la base de la cid de cryptage de donndes 
enregistr6e. et ils 6mettent les donn6es en temps 
r6el crypt6es. 

5 

Syst^me selon la revendication 5, 
caract^risd en ce que 

les moyens de cryptage ^ cid publique du terminal 
recepteur ddcryptent des donn6es en temps r6el en 
comblnant par une fonction loglque OU-EXCLUSIF 
une chaine de donn6es en temps r6el qui est regue 
et une chaine de nombre pseudo-al6atoire qui est 
gSn^r^e sur la base de la cl6 de cryptage de don- 
n6es enregistr6e. 

15 

Le systeme selon la revendication 5, 
caract6rls6 en ce que 

le terminal 6metteur comprend en outre des 
moyens de signature num6rique (1 02) destines 20 
k introduire une signature num6rique pour cer- 
tifier une source d'emission, simultan6ment au 
cryptage lorsque des fichiers sont emis, et 
le terminal r6cepteur comprend en outre des 
moyens de confirmation (205) pour confirmer 25 
la signature num^rique. 

Proc6d6 de transmission de donn6es pour 6mettre 
des donn^es d'un terminal emetteur vers un termi- 
nal recepteur dans un syst6me de reseau, dans le- 30 
quel chacun des terminaux 6metteur et recepteur 
comprend une unit6 de cryptage k cle secrete et 
une unite de decryptagea cle secrfete, chacune d'el- 
les 6tant destin6e k crypter et k d6crypter des don- 
ndes au moyen d'un syst6me k cl6 secrdte dans le- 35 
quel seuls le.s terminaux emetteur et recepteur con- 
naissent la cl6 secr6te qui est utilis6e pour le cryp- 
tage et le d6cryptage de donn6es emises, et com- 
prend une unite de cryptage a c\6 publique et une 
unite de decryptage a cle publique pour crypter et 40 
d6crypter des donn6es au moyen d'un systfeme k 
cl6 publique dans lequel la cl6 de cryptage de cha- 
que terminal est accessible de fagon commune, 
mais la cl6 de d6cryptage de chaque terminal est 
gard6e priv6e par chaque terminal, correspondant, ^5 
ce proc^de comprenant les etapes suivantes : 

le terminal recepteur demande une Emission 

de donnees au terminal emetteur; 

runit6 de cryptage k cl6 publique dans le termi- 5o 

nal Emetteur crypte une cl6 secrdte de I'unitd 

de cryptage k cid secrete dans le terminal 

emetteur; 

le terminal emetteur emet vers le terminal re- 
cepteur la cl6 secrete cryptde; 55 
I'unitd de decryptage k cl6 publique decrypte la 
cle secrete cryptee et place la c\6 secrete dans 
runit6 de cryptage k cl6 secrete dans le termi- 



nal recepteur; 

I'unitd de cryptage k cl6 secrete dans le termi- 
nal 6metteur crypte des donn6es demand6es; 
le terminal 6metteur 6met vers le terminal r6- 
cepteur les donndes demandees et cryptdes; 
I'unit^ de decryptage ci c\6 secrete dans le ter- 
minal recepteur ddcrypte les donndes 6mises; 

dans lequel 

I'unite de cryptage k c\6 secrete du terminal 
emetteur change la cie secrete chaque fois qu'une 
demande d'emission de donnees est regue k partir 
du terminal recepteur. 
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